Server-side scripting PERL, PHP, ASP, SSI.

Server-side scripting is a web server technology in which a user's request is fulfilled by running a script directly on the web server to generate dynamic web pages. It is usually used to provide interactive web sites that interface to databases or other data stores. This is different from client-side scripting where scripts are run by the viewing web browser, usually in JavaScript. The primary advantage to server-side scripting is the ability to highly customize the response based on the user's requirements, access rights, or queries into data stores.

Server-side scripts are never visible to the browser as these scripts are executes on the server and emit HTML corresponding to user's input to the page.

An Active Server Page (ASP) is an HTML page that includes one or more scripts that are processed on a Microsoft Web server before the page is sent to the user. Typically, the script in the Web page at the server uses input received as the result of the user's request for the page to access data from a database and then builds or customizes the page on the fly before sending it to the requestor.

ASP is a feature of the Microsoft Internet Information Server (IIS), but, since the server-side script is just building a regular HTML page, it can be delivered to almost any browser. Name with the ".asp" file suffix.

Practical Extraction and Report Language, Perlis script programming language that is similar in syntax to the C language. Perl is an interpreted language that can optionally be compiled just before execution into either C code or cross-platform bytecode. When compiled, a Perl program is almost as fast as a fully precompiled C language program. Perl is good for CGI programs because it has good text manipulation facilities (although it also handles binary files)

SSI (Server Side Includes) are directives that are placed in HTML pages, and evaluated on the server while the pages are being served. They let you add dynamically generated content to an existing HTML page, without having to serve the entire page via a CGI program, or other dynamic technology.SSI is a great way to add small pieces of information, such as the current time. But if a majority of your page is being generated at the time that it is served, you need to look for some other solution.

PHP script (similar syntax to that of Perl or C ) is enclosed within special PHP tags. Because PHP is embedded within tags, the author can jump between HTML and PHP instead of having to rely on heavy amounts of code to output HTML. PHP can perform any task that any CGI program can do, but its strength lies in its compatibility with many types of databases.

 

34.Protection of information in computer networks based on WEB- technology.

Aspects of protection:

Securing Web technology consists of the following components.

Privacy Policy. It is necessary to ensure the transmission of information over the network without loss of privacy.

Authorized access. Necessary to provide user authentication for blocking unauthorized access to important sites.

Protection against malware and hacker attacks. Necessary to protect computer systems from hackers, viruses and other malicious programs.

As a result, industry is paying increased attention to the security of the web applications themselves in addition to the security of the underlying computer network and operating systems.

The majority of web application attacks occur through cross-site scripting (XSS) and SQL injection attacks which typically result from flawed coding, and failure to sanitize input to and output from the web application

OWASP is the emerging standards body for Web application security. In particular they have published the OWASP Top 10 which describes in detail the major threats against web applications. The Web Application Security Consortium (WASC) has created the Web Hacking Incident Database^[8] and also produced open source best practice documents on Web application security.

At a high level solutions include:

· Black Box testing tools such as Web application security scanners, vulnerability scanners and penetration testing software

· White Box testing tools such as static source code analyzers

· Fuzzing Tools used for input testing

· Web application firewalls (WAF) used to provide firewall-type protection at the web application layer

· Password cracking tools for testing password strength and implementation

 

35.The scope and prospects of development of WEB- technologies.

Small period of existence WWW service showed its relevance to the increasing number of users. This was a good incentive for the development of web-oriented concepts and technologies that enhance the user experience. Mass introduction and use of these solutions - cause qualitative changes in the World Wide Web, a kind of change "version» Web. At the moment, Internet analysts are three such "version» - Web 1.0, Web 2.0 and Web 3.0.

If Web 1.0 implies webmasters as a content provider, and Web 2.0 - peer community of users generating content of the thematic project, the Web 3.0 already allows users thereby equal to "choose" experts in a given field and "endow it with power." In other words it is semantic web. It is a kind of network over the network, containing metadata about the resources of the World Wide Web and the existing parallel with them.( machining information)

Custom wireless networks- Clients such networks can combine their own own channels of communication and create a new wireless network

World network in the 3D — three-dimensional virtual worlds will be the next stage in the development of the web (Second Life-Astana)

"Polar information systems based on the principle commerce-on-demand» - the owner of such a system is involved in profit-sharing, formed as a result of the transaction, with the help of perfect

The domination of robots. Today, robots are combing the search engines to find the right information, sending spam and viruses, who knows what will happen tomorrow? Maybe they will invent for us content, chat on forums and write blogs?

WEB 0.0 - the user connect with someone or somewhat

WEB 1.0 - the user receives content

WEB 2.0 - the user creates content

WEB 3.0 - collective content creation

WEB 4.0 - content for the user thinks

WEB 5.0 - content deals with content

WEB 6.66-content deletes users, realizing that they are meaningless